﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using CMN.Common;
using System.Web.Security;
using CMN.Framework;
using CMN.Entity;
namespace CMN.Controllers.Filters
{
    /// <summary>
    /// 权限验证
    /// </summary>
    public class UserAuthorizeAttribute : AuthorizeAttribute
    {

        public override void OnAuthorization(AuthorizationContext filterContext)
        {
           
           
           //string abc= filterContext.RouteData.Route.ToString();

           //AppLog.Write("OnAuthorization" + DateTime.Now.Second + "**" + DateTime.Now.Millisecond, AppLog.LogMessageType.Info);
           // string scriptExt= Utils.GetScriptNameExt.ToLower();
            if ( Utils.GetScriptUrl.ToLower().Contains("/manager/"))
            {
                //AppLog.Write("OnAuthorization/manager/" + DateTime.Now.Second + "**" + DateTime.Now.Millisecond, AppLog.LogMessageType.Info);

                //检测方法权限设置
                string controller = filterContext.RequestContext.RouteData.Values["controller"].ToString();
                string action = filterContext.RequestContext.RouteData.Values["action"].ToString();
                string cookieName = FormsAuthentication.FormsCookieName;
                HttpCookie authCookie =filterContext.HttpContext.Request.Cookies[cookieName];

                if (null == authCookie)
                {
                    // 沒有驗證 Cookie。
                    return;
                }

                FormsAuthenticationTicket authTicket = null;
                try
                {
                    authTicket = FormsAuthentication.Decrypt(authCookie.Value);
                }
                catch (Exception ex)
                {
                    // 记录意外
                    AppLog.Write(ex.Message, AppLog.LogMessageType.Error);
                    return;
                }

                if (null == authTicket)
                {
                    // Cookie 無法解密。
                    return;
                }

                // 建立 Identity 物件
                FormsIdentity id = new FormsIdentity(authTicket);
                filterContext.HttpContext.User = new PermissionPrincipal(id);
                
                if (IsAllowed(controller, action))
                {
                    
                }
                else
                {
                    AppLog.Write("权限验证无权限" +controller+action+ DateTime.Now.ToLongTimeString(), AppLog.LogMessageType.Error);
                    filterContext.RequestContext.HttpContext.Response.Write("{success:\"false\",message:\"无权访问\"}");
                    filterContext.Result = new EmptyResult();
                }
            }
        }

        /// <summary>
        /// 判断是否允许访问
        /// </summary>
        /// <param name="controller">控制器</param>
        /// <param name="action">action</param>
        /// <returns>是否允许访问</returns>
        public bool IsAllowed( string controller, string action)
        {
            return PermissionManger.IsAllowed(controller, action);
        }

    }
}